diff --git a/github/resource_github_branch_protection_v3.go b/github/resource_github_branch_protection_v3.go index 5b1a78c0e0..af9801a2de 100644 --- a/github/resource_github_branch_protection_v3.go +++ b/github/resource_github_branch_protection_v3.go @@ -128,6 +128,12 @@ func resourceGithubBranchProtectionV3() *schema.Resource { Description: "Require 'x' number of approvals to satisfy branch protection requirements. If this is specified it must be a number between 0-6.", ValidateDiagFunc: toDiagFunc(validation.IntBetween(0, 6), "required_approving_review_count"), }, + "require_last_push_approval": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "Require that the most recent push must be approved by someone other than the last pusher.", + }, "bypass_pull_request_allowances": { Type: schema.TypeList, Optional: true, diff --git a/github/resource_github_branch_protection_v3_test.go b/github/resource_github_branch_protection_v3_test.go index 5a3649e5b2..a585221ce4 100644 --- a/github/resource_github_branch_protection_v3_test.go +++ b/github/resource_github_branch_protection_v3_test.go @@ -320,6 +320,7 @@ func TestAccGithubBranchProtectionV3_required_pull_request_reviews(t *testing.T) dismiss_stale_reviews = true require_code_owner_reviews = true required_approving_review_count = 1 + require_last_push_approval = true dismissal_users = ["a"] dismissal_teams = ["b"] dismissal_apps = ["c"] @@ -347,6 +348,9 @@ func TestAccGithubBranchProtectionV3_required_pull_request_reviews(t *testing.T) resource.TestCheckResourceAttr( "github_branch_protection_v3.test", "required_pull_request_reviews.0.required_approving_review_count", "1", ), + resource.TestCheckResourceAttr( + "github_branch_protection_v3.test", "required_pull_request_reviews.0.require_last_push_approval", "true", + ), resource.TestCheckResourceAttr( "github_branch_protection_v3.test", "required_pull_request_reviews.0.dismissal_users.#", "1", ), diff --git a/github/resource_github_branch_protection_v3_utils.go b/github/resource_github_branch_protection_v3_utils.go index ca65fb41d8..88ab01bc8c 100644 --- a/github/resource_github_branch_protection_v3_utils.go +++ b/github/resource_github_branch_protection_v3_utils.go @@ -195,6 +195,7 @@ func flattenAndSetRequiredPullRequestReviews(d *schema.ResourceData, protection "dismissal_teams": schema.NewSet(schema.HashString, teams), "dismissal_apps": schema.NewSet(schema.HashString, apps), "require_code_owner_reviews": rprr.RequireCodeOwnerReviews, + "require_last_push_approval": rprr.RequireLastPushApproval, "required_approving_review_count": rprr.RequiredApprovingReviewCount, "bypass_pull_request_allowances": bpra, }, @@ -351,6 +352,8 @@ func expandRequiredPullRequestReviews(d *schema.ResourceData) (*github.PullReque rprr.DismissStaleReviews = m["dismiss_stale_reviews"].(bool) rprr.RequireCodeOwnerReviews = m["require_code_owner_reviews"].(bool) rprr.RequiredApprovingReviewCount = m["required_approving_review_count"].(int) + requireLastPushApproval := m["require_last_push_approval"].(bool) + rprr.RequireLastPushApproval = &requireLastPushApproval rprr.BypassPullRequestAllowancesRequest = bpra } diff --git a/website/docs/r/branch_protection_v3.html.markdown b/website/docs/r/branch_protection_v3.html.markdown index 9c492c5b5d..10413b6d67 100644 --- a/website/docs/r/branch_protection_v3.html.markdown +++ b/website/docs/r/branch_protection_v3.html.markdown @@ -118,6 +118,7 @@ For workflows that use reusable workflows, the pattern is `<initial_workflow.job * `require_code_owner_reviews`: (Optional) Require an approved review in pull requests including files with a designated code owner. Defaults to `false`. * `required_approving_review_count`: (Optional) Require x number of approvals to satisfy branch protection requirements. If this is specified it must be a number between 0-6. This requirement matches GitHub's API, see the upstream [documentation](https://developer.github.com/v3/repos/branches/#parameters-1) for more information. * `bypass_pull_request_allowances`: (Optional) Allow specific users, teams, or apps to bypass pull request requirements. See [Bypass Pull Request Allowances](#bypass-pull-request-allowances) below for details. +* `require_last_push_approval`: (Optional) Require that the most recent push must be approved by someone other than the last pusher. Defaults to `false` ### Restrictions